基于数字签名方案DSS/DSA的几种应用方案

随着计算机和网络通信技术的发展,数字签名技术得到了广泛的应用。文中以美国数字签名标准ＤＳＳ／ＤＳＡ为基础,设计了群体数字签名,数字签名的（ｔ,ｎ）共亨认证以及远程口令认证３种应用方案,即体数字允许多人分别签署同一份文件,然后所有的个体签名组成同一份群体签名。     

On the design of content-based multimedia authentication systems

Recently, a number of authentication schemes have been proposed for multimedia data. The main requirement for such authentication systems is that minor modifications which do not alter the content of the data preserve the authenticity of the data, whereas modifications which do modify the content render the data not authentic. These schemes can be classified into two classes depending on the underlying model of image authentication. We look at some of the advantages and disadvantages of these schemes and their relationship with limitations of the underlying model of image authentication. In particular, we study feature-based algorithms and hash-based algorithms. The main disadvantage of feature-based algorithms is that similar images generate similar features, and therefore it is possible for a forger to generate dissimilar images with the same features. On the other hand, the class of hash-based algorithms utilizes a cryptographic digital signature scheme and inherits the security of digital signatures to thwart forgery attacks. The main disadvantage of hash-based algorithms is that the image needs to be modified in order to be made authenticatable. We propose a multimedia authentication scheme which combines some of the best features of these two classes of algorithms. The proposed scheme utilizes cryptographic digital signature schemes and the data does not need to be modified in order to be made authenticatable. We show how results in sphere packings and coverings can be useful in the design. Several applications including the authentication of images on CD-ROM and handwritten documents are discussed.     

一个基于DCT压缩编码的多媒体认证系统

多媒体的认证是近年来随着Intetnet的发展而提出的一个新问题，与消息认证类型，多媒体认证用于确认多媒体数据的来源并检测是否被篡改，其虽可用传统的方法即密码学上的数字签名来实现，但数字签名用于多媒体认证有其局限性，脆弱水印为多媒体的认下提供了较好的解决方案，目前已经有了各种不同的脆弱水印算法，但这些算法都有它们各自的优缺点，在对Marvel等的方法（以下称其为MHB法）进行成功的攻击之后，通过对MHB的修正与扩展，给出了一种更安全的、能抵抗基于DCT的压缩的脆弱水印算，通过实验还证明了以像素值或其高位比特产生MAC的数字水印不能抵抗基于DCT的压缩。     

用于图象认证的数字水印技术

随着多媒体网络通讯技术的飞速发展 ,数字信息的安全维护问题日益突出 .目前 ,采用数字水印技术 (即脆弱性数字水印和半脆弱性数字水印 )进行数字图象的真实性、完整性认证已成为信息认证领域的研究热点 .为使国内广大科技人员能够较全面地了解数字水印图象认证技术的发展现状 ,给出了用于图象认证的数字水印系统的基本框架、性能要求及常见的攻击方法 ,介绍了现有的各种算法 ,分析和总结了各自的优缺点 ,并提出了下一步的研究方向 .     

Privacy-preserving authentication framework using bloom filter for secure vehicular communications

Vehicular ad hoc networks (VANETs) are the future of the intelligent transportation systems (ITS), which aim to improve traffic safety. The received message in VANETs can contain the malicious content that may affect the entire network; hence, these networks are more prone to such attacks. Thus, security is a major consideration before the deployment of such network. In this paper, a secure privacy-preserving authentication framework is proposed, which employs the use of pseudonyms for anonymous communication. A new digital signature scheme and aggregate verification scheme are designed for vehicular communications, and the ID-based signature scheme is used for vehicle-to-RSU communication. The multiple authorities are involved in revealing the identity of the vehicle in case of revocation. The signature verification scheme is improved by the use of bloom filters, and the results achieved by the proposed scheme have been implemented on a simulated environment.     

结合数字水印和签名的二值图像内容验证

该文在笔者以往研究的基础上,针对二值图像的特点,提出了一种结合数字水印和数字签名的算法,将该算法应用于二值图像内容验证。算法先从二值图像中提取签名值,然后把签名值信息作为水印随机地嵌回原图像。在此过程中,用“可修改分值”对图像每个象素点的“可修改程度”进行了量化,然后根据“可修改分值”大小随机选择象素点进行水印嵌入。理论分析和实验结果都表明,算法具有很好的不可感知性和安全性(抗攻击性)。实验还表明,算法对于针对二值图像的微小窜改都具有足够的灵敏度。     

基于数字水印的图像版权保护和内容认证方案

实现版权保护和内容认证是数字水印的两个最主要功能,而现有同时实现这两个功能的数字水印方案并不完美。提出了结合人类视觉系统在图像的绿色分量中嵌入版权信息,实现版权保护,在蓝色分量中嵌入二值图像,实现内容认证。实验证明该方法透明性好,版权保护水印对JPEG压缩、高斯噪声等攻击抵抗力强,内容认证水印能有效地刻画攻击和定位篡改。     

车载自组织网中条件隐私保护认证方案

针对车载自组织网(VANET)中身份认证的隐私保护问题,提出了一种车载网中条件隐私保护认证方案.首先,引入短签名技术,构造了一个新的基于身份的短签名方案.与主流方案CPAS相比,该方案降低了签名和验证过程所需的计算开销,提高了通信效率; 其次,将签名者的私钥分成相互关联的两部分,有效地解决密钥托管问题,适合于车载自组织网环境; 进而基于新的签名方案,提出了一种车载网中条件隐私保护认证方案,实现了条件隐私保护的身份认证功能.经理论和效率分析表明,所提方案在签名过程只需3次点乘运算,而在验证过程只需1次点乘和2次配对运算,所耗计算量少.特别地,所提方案使用加入小系数检测的批认证方法,不仅提高了认证速度还降低了误接受率.     

Fragile watermarking for authenticating 3-D polygonal meshes

Designing a powerful fragile watermarking technique for authenticating three-dimensional (3-D) polygonal meshes is a very difficult task. Yeo and Yeung were first to propose a fragile watermarking method to perform authentication of 3-D polygonal meshes. Although their method can authenticate the integrity of 3-D polygonal meshes, it cannot be used for localization of changes. In addition, it is unable to distinguish malicious attacks from incidental data processings. In this paper, we trade off the causality problem in Yeo and Yeung's method for a new fragile watermarking scheme. The proposed scheme can not only achieve localization of malicious modifications in visual inspection, but also is immune to certain incidental data processings (such as quantization of vertex coordinates and vertex reordering). During the process of watermark embedding, a local mesh parameterization approach is employed to perturb the coordinates of invalid vertices while cautiously maintaining the visual appearance of the original model. Since the proposed embedding method is independent of the order of vertices, the hidden watermark is immune to some attacks, such as vertex reordering. In addition, the proposed method can be used to perform region-based tampering detection. The experimental results have shown that the proposed fragile watermarking scheme is indeed powerful.     

具有消息认证功能的多重数字签名方案

根据具有消息认证功能的数字签名方案设计了两种新的基于离散对数问题的有序多重数字签名方案和广播多重数字签名方案。新的方案具有简单的初始化过程，在签名时具有随机性，在签字和验证方程中无须求逆，且具有消息认证功能。具有更高的实用性和安全性。     

基于脆弱性数字水印的图象完整性验证研究

计算机网络技术的飞速发展与信息媒体的数字化 ,使得在网络环境中对数字产品实施有效的内容保护成为一个迫在眉睫的现实问题 .传统的数字签名技术只是用于对通信领域的信息传送进行篡改检测 ,而脆弱性数字水印技术则为网络环境下多媒体的内容保护提供了一个有效的解决方案 .与鲁棒性水印不同的是 ,脆弱性水印主要用于检测发生在多媒体数据中的篡改 ,并对其定位 .为了推动我国在此前沿领域研究工作的进一步深入 ,这里就当前脆弱性数字图象图象水印技术的基本特征、一般原理、研究现状、攻击方法及发展方向进行一个综述 .     

基于数字水印的电子印章系统研究与实现

印章图像在实际商业交往中的应用很广泛,为确保其在印章域中的安全性,需要考虑一种新的基于印章域数字水印的防伪机制,并且对于打印扫描过程具有强鲁棒性.提出了一种在印章图像中嵌入数字水印以达到防伪目的的新思路,针对传统印章的易伪造弊端,通过将密码签名原理和数字水印技术应用于电子印章之中,并结合COM组件技术实现了机密文档的防篡改功能,身份认证功能及不可否认性功能.     

一种用于图像内容鉴别的数字签名方案

提出了一种稳健的数字签名方案用于图像内容鉴别．通过对图像的预处理，从图像行与列中提取出对JPEG压缩稳健的原始信息序列，然后利用Hash函数对原始信息序列进行加密并提取签名比特．产生的数字签名可以有效地鉴别图像内容的真伪并对蓄意的修改进行交叉定位．由于数字签名对于JPEG压缩是稳健的，从而把JPEG压缩操作与对图像的恶意修改区分开来．理论分析结果表明这种数字签名具有较高的修改检测概率．仿真结果充分证明了该方案的正确性和有效性．     

Efficient identity-based GQ multisignatures

ISO/IEC 14888 specifies a variety of digital signature mechanisms to sign messages of arbitrary length. These schemes can be applied to provide entity authentication, data origin authentication, non-repudiation, and data integrity verification. ISO/IEC 14888 consists of three parts under the general title Information technology—Security techniques—Digital signatures. Part II, or ISO/IEC 14888-2 specifies the general structure and the fundamental procedures for the generation and verification of an identity-based signature (IBS) mechanism for messages of arbitrary length. Particularly, the IBS scheme of Guillou and Quisquater (GQ) is described in Clauses 6–8. In this paper, an efficient identity-based multisignature (IBMS) scheme is proposed for the GQ IBS scheme, which allows multiple users using the ISO/IEC 14888-2 standard GQ scheme to generate multisignatures. The scheme is efficient in the sense that both the length and the verification time of the multisignatures are fixed. The proposed ID-based multisignature scheme is also secure against forgeability under adaptive chosen-message attack and adaptive chosen-identity attack in random oracle model.     

结合数字签名和数字水印的多媒体认证系统

探讨了基于数字签名的多媒体信息认证系统的身份认证机制和内容认证机制,分析了其基本构成以及安全性和存在的安全缺陷,提出了一种结合数字签名和数字水印的多媒体信息认证方案.系统采用双重身份认证机制和易碎水印内容认证机制,使得非法接触以及修改、伪造多媒体信息的内容都是不可能的.分析表明,该多媒体信息认证方案具有安全性强、可信度高、认证精度高等特点.     

A fragile watermarking scheme for detecting malicious modifications of database relations

Nowadays, with more and more data publicly available on the Internet, it is increasingly important to ensure the integrity of these data. The traditional solution is to use a digital signature scheme. However, a digital signature can only detect whether the entire data set has been modified; it cannot localize and characterize the modifications. In this paper, a novel fragile watermarking scheme is proposed to detect malicious modifications of database relations. In the proposed scheme, all tuples in a database relation are first securely divided into groups; watermarks are embedded and verified group by group independently. The embedded watermarks cannot only detect but also localize, and even characterize, the modifications made to the database. In the worst case, the modifications can be narrowed down to tuples in a group. Rigorous analysis shows that the modifications can be detected and localized with high probability, which is also demonstrated by our experimental results.     

一种基于可逆数字水印的图像认证方案

针对医疗图像、遥感图像等敏感数字图像在认证水印的嵌入过程中不能引入失真的特点,提出一种基于可逆数字水印的图像完整性认证方案:首先提取图像特征,将其作为hash函数的输入;再用图像发送者的私钥对hash值进行数字签名;最后将数字签名作为水印数据,利用图像相邻像素点差值直方图的特征,轻微改变图像像素点的灰度值来可逆嵌入水印数据。方案实现简单,水印嵌入后图像失真小,认证通过后还可以完全恢复原始图像。理论和实验证明水印嵌入后,PSNR值能达到51.14dB以上。     

一种基于自适应量化的半脆弱图像水印算法

提出了一种基于自适应量化的半脆弱图像水印嵌入方案，能够在不参考原始载体的情况下对数字图像同时进行版权保护和内容认证．该半脆弱水印嵌入方案具有以下特点：（1）抽取并利用了原数字水印的特征信息（作为辅助水印）；（2）采纳了基于人眼视觉特性的自适应量化策略；（3）数字水印信息的提取不需要原始载体图像；（4）采用整型提升小波变换，克服了小波域水印算法普遍存在的舍入误差问题；（5）能够同时进行版权保护与内容认证，并可确定篡改发生区域．仿真实验表明：该小波域水印嵌入方案不仅对JPEG压缩、叠加噪声、平滑滤波等常规图像处理具有较好鲁棒性。而且能够对替换等恶意图像篡改做出报警反应，同时其误检率与漏检率等关键技术指标均优于现有半脆弱水印嵌入算法．     

一种有效的脆弱型文本数字水印技术

给出一种有效的用于文本认证的脆弱型数字水印方案。通过提取文本的分块特征,结合密钥技术,该方案能够有效地检测文本是否被窜改,并能定位窜改发生的位置,从而可达到检验文本完整性的目的。而在作完整性检验时,该方案并不需要其他的辅助性认证数据。实验表明,该方案是一种比较有效的文本认证方案。